使用 python 解析具有 DER 格式的 X509 证书的二进制文件以提取公钥的最佳方法是什么.
Which is the best way to parse with python a binary file with X509 Certificate in DER format to extract public key.
Python 内置的 SSL 模块和 PyOpenSSL 都没有 API 来提取私钥并访问其信息.M2Crypto 不再维护,并且不适用于 OpenSSL 1.0 及更高版本.
Neither the built-in SSL module of Python nor PyOpenSSL have an API to extract the private key and access its information. M2Crypto is no longer maintained and doesn't work with OpenSSL 1.0 and newer.
PyOpenSSL 有一个公钥类,但它的功能有限:
PyOpenSSL has a public key class but its features are limited:
>>> with open("cert.der", "rb") as f:
... der = f.read()
...
>>> import OpenSSL.crypto
>>> x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_ASN1, der)
>>> pkey = x509.get_pubkey()
>>> dir(pkey)
['__class__', '__delattr__', '__doc__', '__format__', '__getattribute__', '__hash__', '__init__', '__new__', '__reduce__', '__reduce_ex__', '__repr__', '__setattr__', '__sizeof__', '__str__', '__subclasshook__', 'bits', 'check', 'generate_key', 'type']
>>> pkey.bits()
4096L
>>> pkey.type() == OpenSSL.crypto.TYPE_RSA
True
Python 3.4 可能会获得 X509 类型,该类型会公开更多信息,例如 SPKI.
Python 3.4 may get a X509 type that exposes more information like SPKI.
这篇关于python中的简单DER证书解析的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!